microsoft
/
CBL-Mariner
зеркало из https://github.com/microsoft/CBL-Mariner.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
3 421 коммит 1 001 ветка 463 Теги 874 MiB
Граф коммитов

3421 Коммитов

Автор SHA1 Сообщение Дата
CBL-Mariner-Bot f3e407abb6
Upgrade php to 8.1.16 to fix CVE-2023-0568, CVE-2023-0662 (#4970) 2023-03-02 19:35:53 +05:30
Muhammad Falak R Wani a64532484c
Add 9 rubygem-* packages (#4307) 
The following packages are added:
- rubygem-bson
- rubygem-diff-lcs
- rubygem-flexmock
- rubygem-maruku
- rubygem-mysql2
- rubygem-rspec-expectations
- rubygem-rspec-mocks
- rubygem-rspec-support
- rubygem-thread_order

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-03-02 17:38:44 +05:30
Sumynwa 631df6bced
Add udisks2 package version 2.9.4 (#4844) 
* udisks2: Add package version 2.9.4

- Disable sub-packages iSCSI, LSM, docs and manpage

* udisks2: cgmanifest add package entry

* udisks2: licenses add package entry
 2023-03-02 16:15:41 +05:30
Sumynwa c298573433
Add ptlib package version 2.10.11 (#4843) 
* ptlib: Add package version 2.10.11

* ptlib: cgmanifest add package entry

* ptlib: licenses add package entry
 2023-03-02 16:10:47 +05:30
Sumynwa f0ace65fc5
Add opal pakcage version 3.10.11 (#4842) 
* opal: Add package version 3.10.11

* opal: cgmanifest add package entry

* opal: licenses add package entry
 2023-03-02 16:07:24 +05:30
Sumynwa 930ef69b6a
Add gupnp package version 1.6.3 (#4841) 
* gupnp: Add package version 1.6.3

- Disable docs

* gupnp: cgmanifest add package entry

* gupnp: licenses add package entry
 2023-03-02 16:04:17 +05:30
Sumynwa b313bb2230
Add gupnp-igd package version 1.2.0 (#4840) 
* gupnp-igd: Add package version 1.2.0

- Patch build to use api version 1.2 for BR's gssdp and gupnp

* gupnp-igd: cgmanifest add package entry

* gupnp-igd: Correct changelog, patch build to use api version 1.6 for BR's gssdp and gupnp

* gupnp-igd: licenses add package entry
 2023-03-02 16:00:59 +05:30
Sumynwa 5fab928637
Add gupnp-dlna package version 0.12.0 (#4839) 
* gupnp-dlna: Add package version 0.12.0

* gupnp-dlna: cgmanifest add package entry

* gupnp-dlna: licenses add package entry
 2023-03-02 15:57:35 +05:30
Sumynwa e851987142
Add gssdp package version 1.6.2 (#4838) 
* gssdp: Add package version 1.6.2

- Disable sub-package gssdp-device-sniffer
- Disable sub-package docs and manpage

* gssdp: cgmanifest add package entry

* gssdp: licenses add package entry
 2023-03-02 15:54:09 +05:30
Sumynwa c21cb51672
Add dleyna-core package version 0.6.0 (#4837) 
* dleyna-core: Add package version 0.6.0

- Patch to use gupnp api version 1.6

* dleyna-core: cgmanifest add package entry

* dleyna-core: licenses add package entry
 2023-03-02 15:51:06 +05:30
Sumynwa 449dff8a1f
Add dleyna-connector-dbus package version 0.3.0 (#4836) 
* Add dleyna-connector-dbus package version 0.3.0

* dleyna-connector-dbus: cgmanifest add package entry

* dleyna-connector-dbus: Fix release number

* dleyna-connector-dbus: license add package entry
 2023-03-02 15:47:16 +05:30
Sumynwa 842914216b
Add frr package version 8.4.2 (#4716) 
* frr: Add package version 8.4.2

- Disable sub-package selinux due to missing BR selinux-policy-targeted

* frr: cgmanifest add package entry

* frr: update source url and sources tarball checksum

* frr: cgmanifest fix downloadUrl

* frr: licenses add package entry
 2023-03-02 15:40:31 +05:30
Muhammad Falak R Wani 25703edc82
Add foomatic & foomatic-db (#4746) 
* foomatic-db: fix source url

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-03-02 14:12:43 +05:30
Muhammad Falak R Wani 5057496186
Add package crypto-policies version 20200619 (#4605) 
* crypto-polices: switch to autosetup

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-03-02 13:32:50 +05:30
Pawel Winogrodzki 88571cddcd
Added new Microsoft-owned root CAs to the base set of trusted CAs. (#4913) 2023-03-01 17:06:10 -08:00
Olivia Crain 4d281d8046
Upgrade fluent-bit to 2.0.9 (#4971) 
* Upgrade fluent-bit to 2.0.9

* fixup! Upgrade fluent-bit to 2.0.9

* fixup! Upgrade fluent-bit to 2.0.9
 2023-03-01 08:47:21 -08:00
sindhu-karri 7ef4978dbc
Add package geos v3.11.1 (#4857) 2023-03-01 15:13:44 +05:30
Aurélien 2d40397e27
kernel-uvm: enable Hyper-V enlightenments (#4919) 
This enables Hyper-V enlightenments for the UVM kernel and should provide better support for Kata workloads. Notably, this already improves Kata's memory performance up to 40x and brings it on par with runC.
 2023-02-28 15:50:32 -08:00
Minghe Ren 302dff6f00
fix python-werkzeug CVE build failure (#4961) 
* modify cloud.cfg

* add patch for werkzeug CVE

* fix patch not apply
 2023-02-28 14:52:34 -08:00
Cameron E Baird 4370c6aded
Move -lib obsoletes to correct subpackage and remove AutoProv: No in cyrus-sasl-bootstrap to address build break (#4957) 
* Gate cyrus-sasl obsoletes by pkg version/rel. Move -lib obsoletes to correct subpackage.

* Remove AutoProv: no to address build issues in openlda
 2023-02-28 12:01:07 -08:00
Sumynwa 4826601b58
buildah: Fix runtime requirements. (#4956) 2023-02-28 23:35:30 +05:30
Pawel Winogrodzki 4bb1f647aa
Added an initial build pipeline for livepatches. (#4928) 2023-02-28 09:41:54 -08:00
Sumynwa 4f39c2285b
Patch libtiff for CVE-2023-0795(to 0799) and CVE-2023-0800(to 0804) (#4903) 
* libtiff: Patch for CVE-2023-0795 (also CVE-2023-0796/0797/0798/0799) and CVE-2023-0800 (also CVE-2023-0801/0802/0803/0804)

- Add fixes for
  a. tiffcrop correctly update buffersize after rotateImage(). fix#520
  b. TIFFClose() avoid NULL pointer dereferencing. fix#515

References:
CVE-2023-0795: https://gitlab.com/libtiff/libtiff/-/issues/494
CVE-2023-0800: https://gitlab.com/libtiff/libtiff/-/issues/501

* libtiff: lint spec file
 2023-02-28 15:39:02 +05:30
Muhammad Falak R Wani c76381fb37
Add package mksh v59c (#4904) 
* mksh: use http instead of https

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-02-28 13:49:02 +05:30
Sam Meluch e6a874d839
Upgrade erlang to version 25.2 to support rabbitmq (#4878) 
* Upgrade erlang to version 25.2

* Explicitly list files added to /usr/local/bin and wildcard for /usr/local/bin/erlang

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Implement PR feedback for %configure, License name, and bin/lib dirs

---------

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
 2023-02-27 16:18:04 -06:00
Vince Perri 393178334d
kernel-hci: Add QinQ patches (#4868) 2023-02-27 14:21:48 -05:00
Minghe Ren 17e7d919b9
add patch for python-werkzeug CVE-2023-25577 (#4927) 
* modify cloud.cfg

* add patch for werkzeug CVE
 2023-02-27 10:25:31 -08:00
Minghe Ren b295e0a38c
add patch Harbuzz CVE-2023-25193 (#4918) 
* modify cloud.cfg

* add patch for harbuzz cve
 2023-02-24 17:32:03 -08:00
Olivia Crain 91229a11c5
Upgrade telegraf to 1.25.2 to fix several vendored CVEs (#4921) 2023-02-24 15:12:38 -06:00
Andrew Phelps 347359f9d6
fix URL to mariner-nvidia.repo (#4920) 2023-02-24 12:51:54 -08:00
Elaheh Dehghani a122b53fe8
Enable adb-generic-tools in mstflint build config (#4914) 
* enabled adb-generic-tools in mstflint build config

* bump up the release number

* Update SPECS/mstflint/mstflint.spec

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

---------

Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
 2023-02-24 10:56:31 -08:00
Saul Paredes 1c2bcc85fc
cyrus-sasl: bump release (#4894) 
* cyrus-sasl: bump release

* updated changelog

* update changelog
 2023-02-23 18:00:35 -08:00
Pawel Winogrodzki fe59b42beb
Livepatched 5.15.87.1-1. CVEs: 2022-47929, 2023-0266, 2023-0394. (#4869) 
* Livepatching CVE-2023-0266.

* Adding patches for CVE-2022-47929 and CVE-2023-0394.
 2023-02-23 16:58:04 -08:00
Pawel Winogrodzki 21a485ec5f
Ignored `ccache` directory. (#4912) 
Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com>
 2023-02-23 16:18:26 -08:00
dependabot[bot] f6b5cd2e72
Bump golang.org/x/text from 0.3.7 to 0.3.8 in /toolkit/tools (#4910) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.7...v0.3.8)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-23 15:10:24 -08:00
CBL-Mariner-Bot dc699eec71
Kernel upgrade to 5.15.94.1 version (#4906) 2023-02-23 11:17:23 -08:00
Adit Jha 6e9502545b
Documentation for CGroup toggle in toolkit/docs/formats/imageconfig.md to generate Mariner images with cgroupv2 (#4908) 2023-02-23 10:49:13 -08:00
Sumynwa d4fb9144a8
Bump haproxy version to 2.4.22 for CVE-2023-25725 (#4905) 
* haproxy: Add nopatch for CVE-2023-25725

Bump version to 2.4.22 which contains the fix.

Reference:
Upstream: a8598a2eb1
Release Note: https://git.haproxy.org/?p=haproxy-2.4.git;a=log;h=refs/tags/v2.4.22

* haproxy: Update cgmanifest

* haproxy: Correct changelog

* haproxy: Delete nopatch file as not needed
 2023-02-23 14:14:28 +05:30
rlmenge 2cdd9598cd
kernel-mshv: Install vmlinux with root executable permissions (#4900) 
Cherry-pick of abe0019

There was a bug where debug sources were missing from sources that were
built into vmlinux. This is because find_debuginfo, the script which
extracts debug sources, looks only at files which are executable.
Because we were installing vmlinux as 644, it was being skipped.
Therefore, change to install with permissions 744.
 2023-02-22 15:05:26 -08:00
osamaesmailmsft 10c686d122
prometheus-adapter: Adding to core packages (#4867) 2023-02-22 14:21:31 -08:00
rlmenge 0e4581a73e
kernel-azure: Install vmlinux with root executable permissions (#4898) 
Cherry-pick of abe001946e

There was a bug where debug sources were missing from sources that were
built into vmlinux. This is because find_debuginfo, the script which
extracts debug sources, looks only at files which are executable.
Because we were installing vmlinux as 644, it was being skipped.
Therefore, change to install with permissions 744.
 2023-02-22 11:05:41 -08:00
rlmenge 1a2de25ba5
kernel-hci: Install vmlinux with root executable permissions (#4899) 
Cherry-pick of abe0019

There was a bug where debug sources were missing from sources that were
built into vmlinux. This is because find_debuginfo, the script which
extracts debug sources, looks only at files which are executable.
Because we were installing vmlinux as 644, it was being skipped.
Therefore, change to install with permissions 744.
 2023-02-22 11:05:19 -08:00
osamaesmailmsft 00c33dbd69
Parse %check section when RUN_CHECK=y to add %check passing as a requirement (#4751) 2023-02-22 10:29:21 -08:00
Minghe Ren 5a7d5c8a82
upgrade cloud-init to 22.4 (#4870) 
* modify cloud.cfg

* cloud-init upgrade

* update cgmanifest and remove patches
 2023-02-22 10:11:06 -08:00
suresh-thelkar 3038e51aa5
Add package rcs version 5.10.1 (#4583) 
* rcs: Add cgmanifest entry
* rcs: Update license map
* rcs: using https URL in Source0
 2023-02-22 11:15:19 +05:30
suresh-thelkar d987a9b5bd
libgdither: Add package version 0.6 (#4549) 
* libgdither: Fixing linter warnings
* libgdither: Add cgmanifest entry
* libgdither: Update license map
 2023-02-22 10:32:56 +05:30
suresh-thelkar 21785bcf27
bolt: Add package version 0.9.2 (#4547) 
* bolt: Fixing linter warnings
* bolt: Fixing Linter Spec false warnings
* bolt: Fixing buddy build issues
* bolt: Add cgmanifest entry
* bolt: Update license map
 2023-02-22 10:09:30 +05:30
suresh-thelkar 9403cd594f
Add package openrdate version 1.2 (#4604) 
* openrdate: Adding cgmanifest entry
* openrdate: Using autosetup macro
* openrdate: Update license map
 2023-02-22 09:38:34 +05:30
Muhammad Falak R Wani c292a440d0
Fix podman build-break (#4892) 
* podman: bump version of gvproxy to enable build with go1.19

Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2023-02-22 08:45:15 +05:30
CBL-Mariner-Bot 5568af22ec
[AUTOPATCHER-CORE] Upgrade clamav to 0.105.2 CVE-2023-20032 CVE-2023-20052 - (#4881) 
* Upgrade clamav to 0.105.2 CVE-2023-20032

* Update sig for clamav's cargo tar.gz dependency

---------

Co-authored-by: corvus-callidus <108946721+corvus-callidus@users.noreply.github.com>
 2023-02-21 11:39:51 -08:00